Colin Robinson

How to setup LUKS on LVM for Arch

In this blog post, I’ll guide you through the steps to set up LUKS on LVM with Arch Linux.

Step 1: Boot the Arch Linux installation media
To start, you need to boot from the Arch Linux installation media. You can download the latest ISO file from the Arch Linux website and create a bootable USB drive or DVD.

Step 2: Connect to the internet
Make sure you are connected to the internet so that you can download the necessary packages and updates during the installation process.

Step 3: Partition the disk
Use a partitioning tool such as fdisk or cfdisk to partition your hard drive. You’ll need to create at least two partitions – one for the boot partition and another for the LVM partition.

Step 4: Set up LVM
Next, set up LVM on the LVM partition. Use the following commands to create a physical volume, a volume group, and a logical volume:

# pvcreate /dev/sda2
# vgcreate vg0 /dev/sda2
# lvcreate -L 10G vg0 -n root
# lvcreate -L 2G vg0 -n swap
# lvcreate -l +100%FREE vg0 -n home

This will create three logical volumes – one for the root partition, one for swap, and one for the home partition.

Step 5: Set up encryption
Now it’s time to set up LUKS encryption on the logical volumes. Use the following commands to encrypt each volume:

# cryptsetup luksFormat /dev/vg0/root
# cryptsetup luksFormat /dev/vg0/swap
# cryptsetup luksFormat /dev/vg0/home

You’ll be prompted to enter a passphrase for each volume.

Step 6: Open the encrypted volumes
Next, open the encrypted volumes with the following commands:

# cryptsetup open /dev/vg0/root root
# cryptsetup open /dev/vg0/swap swap
# cryptsetup open /dev/vg0/home home

You’ll be prompted to enter the passphrase for each volume.

Step 7: Format the partitions
Now format the partitions using the appropriate file system. For example, to format the root partition with the ext4 file system, use the following command:

# mkfs.ext4 /dev/mapper/root

Do the same for the swap and home partitions.

Step 8: Mount the partitions
Finally, mount the partitions with the following commands:

# mount /dev/mapper/root /mnt
# mkdir /mnt/boot
# mount /dev/sda1 /mnt/boot
# swapon /dev/mapper/swap
# mkdir /mnt/home
# mount /dev/mapper/home /mnt/home

Step 9: Install Arch Linux
Now you’re ready to install Arch Linux. Follow the usual installation process, but when you get to the partitioning step, select the LUKS-encrypted partitions you just created.

Step 10: Configure the bootloader
Finally, configure the bootloader to recognize the encrypted partitions. For example, if you’re using GRUB, add the following lines to /etc/default/grub:

GRUB_CMDLINE_LINUX="cryptdevice=/dev/vg0/root:root cryptkey=rootfs:/root/cryptkey"

Then regenerate the GRUB configuration file with the following command:

# grub-mkconfig -o /boot/grub/grub.cfg

3 Responses to “How to setup LUKS on LVM for Arch”

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.